IDS or Intrusion Detection Systems are applications that look for certain behaviors in how scans are performed and try to match those behaviors with their extensive database of exploits to determine whether those activities are malicious. IDS are great tools, especially if you run services on your machine that are accessible to the outside world, such as a web server.

What's important to know is that Intrusion Detection Systems rely heavily on their databases, and they are as effective as their databases allow them to be. This could serve as an advantage or a disadvantage, depending on how you look at it.

There are several good IDS on the market. Black Ice Defender is a good example, and it's popular among home users and business users alike. Intrusion Detection Systems are generally more concerned about incoming scans as opposed to outgoing communications.

got feedback? got feedback?

Any feedback you provide is sent to the owner of this FAQ for possible incorporation and shown publically as well.

by Wildcatboy edited by JMGullett
last modified: 2007-05-07 13:46:28